Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mark Shuttleworth Reveals Ubuntu 18.04 Will Get a 10-Year Support Lifespan (zdnet.com)

Posted by BeauHD on from the life-support dept.

At the OpenStack Summit in Berlin last week, Ubuntu Linux founder Mark Shuttleworth said in a keynote that Ubuntu 18.04 Long Term Support (LTS) support lifespan would be extended from five years to 10 years. "I'm delighted to announce that Ubuntu 18.04 will be supported for a full 10 years," said Shuttleworth, "In part because of the very long time horizons in some of industries like financial services and telecommunications but also from IoT where manufacturing lines for example are being deployed that will be in production for at least a decade." ZDNet reports: Ubuntu 18.04 released in April 2018. While the Ubuntu desktop gets most of the ink, most of Canonical's dollars comes from server and cloud customers. It's for these corporate users Canonical first extended Ubuntu 12.04 security support, then Ubuntu 14.04's support, and now, preemptively, Ubuntu 18.04. In an interview after the keynote, Shuttleworth said Ubuntu 16.04, which is scheduled to reach its end of life in April 2021, will also be given a longer support life span.

When it comes to OpenStack, Shuttleworth promised again to support versions of OpenStack dating back to 2014's IceHouse. Shuttleworth said, "What matters isn't day two, what matters is day 1,500." He also doubled-down on Canonical's promise to easily enable OpenStack customers to migrate from one version of OpenStack to another. Generally speaking, upgrading from one version of OpenStack is like a root canal: Long and painful but necessary. With Canonical OpenStack, you can step up all the way from the oldest supported version to the newest one with no more than a second of downtime.

58 of 110 comments (clear)

  1. Why not let the actual users decide how long? by shanen · · Score: 2, Interesting

    This should be a feel-good story, but... I already upgraded one of my Ubuntu machines past 18.04 and I'm mostly annoyed.

    Here's a crazy idea: Why not ASK THE USERS how much support they are actually willing to pay for? As long as there are enough users who are willing to chip in to keep a particular version alive, then it can stay alive. When there are too few users, then it just has to die.

    My vision of the "chip in" is on the order of 10 bucks, which isn't much, but you would get to multiply by the number of users. Some users might chip in more, but I think the basic "chip" should be small. Better to call each chip a "charity share", and the wannabe users would buy charity shares in the projects required to keep the software running.

    For example, there would be an annual project for kernel support, and as long as there are enough donors paying to support the kernel, then it would be supported. For something so essential, you would want to fund the next year in advance, so as the end of the year approached, you would start encouraging the users to pledge charity shares for next year's support. If too few people are willing to support the required kernel, then you still have various options, but basically you start putting on the pressure to pledge or switch to another kernel or even another distro that still has enough support going.

    But won't the free riders be a big problem? No. As long as the actual costs are covered, then who cares how many free riders there are? The whole point is to divide things into reasonable projects to make sure all of the costs are covered. I admit I'd recommend ignoring the free riders when it comes to making decisions, but it should always be open for the free riders to chip in and become financial contributors, eh?

    Anyway, time's up for now, but the "charity share brokerage" bids you ADSAuPR, atAJG.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    1. Re:Why not let the actual users decide how long? by Anonymous Coward · · Score: 2, Insightful

      uh, since $10 is less than what they actually charge, and they picked 10 years based on their actual paying customers' feedback, they are doing exactly what you are saying, minus the whining.

      https://www.ubuntu.com/support/plans-and-pricing#ua-support

    2. Re:Why not let the actual users decide how long? by Anonymous Coward · · Score: 1

      Clearly you’re not in charge of things

    3. Re:Why not let the actual users decide how long? by jbn-o · · Score: 2, Insightful

      This is how things have always been in the free world: the users can singularly or collectively decide how much they're willing to offer and under what terms to get someone to do programming work. Thanks to software freedom, anyone with a copy of free software also has the freedom to get someone to improve that program for them, for any definition of "improve". The rest are details to be negotiated in a work contract such as how much to pay, who will do the work, contact points for progress updates, and when the work is due. It doesn't matter how old the software is or if there are newer programs one could use to do the same job. One retains control of their own computer and this extends to groups of people working together as you describe. These are enormous benefits to software freedom (but even that word is too weak to describe freedom)—self-determination and cooperation with one's community are freedoms we rightly cherish. None of this activity rejects commercialization but also doesn't make commercial concerns primary. Proprietary software is radically different: the proprietor is a monopoly. There is no competition thus no negotiating with more amenable parties should one find the price too high or if the proprietor is uncooperative. The proprietor also denies the user the freedom to do any of this work for themselves by themselves.

      --
      Digital Citizen
    4. Re:Why not let the actual users decide how long? by shanen · · Score: 2, Interesting

      Where is this "free world" of which you speak? Mostly it makes me think you're one of those Libertarians with a totally distorted understanding of reality. Having a theoretical freedom to do something is NOT the same as having any meaningful capability to do that thing. However the real problem with the real world in contrast to the Libertarian fantasy world is that the information is never equally or fairly shared. It's like the delusion that stock prices reflect perfect information of the real value rather than the programmed delusion of some fast computers that some other fast computer will pay a higher price in the future.

      My take is that we need different economic models. For example, I think we should have a pro-freedom anti-greedom taxation system as part of the general solution to the monopoly problem. The tax rate on corporate profits should be progressive, but not in absolute terms, but rather based on market share. Excessive domination of a market is reducing freedom, and the company should extra for attacking freedom. It should actually be better for the shareholders to divide the company into two competing companies that would offer more choice and more freedom while paying lower tax rates on their profits.

      The main problem is with natural monopolies. In that case the high taxes should mostly be used for (1) regulating the company with the monopoly and (2) researching ways to break the monopoly. You know the monopolist can't be trusted for (1) and is not motivated to do (2) (or even worse, if the monopolist succeeds in (2) the company may sit on it (as in the case of FM radio)).

      I'm pretty sure I have at least a dozen more crazy ideas, but time's up for now, so I bid you ADSAuPR, atAJG.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    5. Re:Why not let the actual users decide how long? by supremebob · · Score: 2

      I think that they needed to compete with Red Hat, which has been offering 10 years of support on their OS releases since RHEL 5.

      Even that doesn't seem to be enough time for some organizations, who are still using RHEL5 on their servers and friggin Windows XP on their client systems.

    6. Re:Why not let the actual users decide how long? by shanen · · Score: 1

      That would be an important economic consideration if Ubuntu were a normal business. However the primary economic model of Ubuntu is big-donor charity, and in that case too many of the crucial decisions depend on what the big donor wants. Another way to interpret my position is that I am advocating for a little-donor model, whereas many of these decisions would depend on what the little donors are willing to donate for. Cost recovery, not profits.

      I actually speculate that the big donor behind Ubuntu would love to sell the entire thing if he could only find a buyer as generous (or gullible) as IBM. I spent many years with the big blue machine, and I actually had lunch with one of them since that purchase. My opening question was alone the lines of "So is this the kiss of death for Red Hat or for all of Linux?"

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    7. Re:Why not let the actual users decide how long? by AnthonywC · · Score: 2

      While I agree in theory with you; I think in practice anything greater than 10 years is not practical. Providing support has a definite price to pay in terms of resources and providing for a decade is an extremely long time. Just think back to what the computing landscape by going back every 10 years ago will make this obvious.

    8. Re:Why not let the actual users decide how long? by Anonymous Coward · · Score: 1

      How about we not clap such an onerous tax burden the people actually making jobs for Americans? Venezuela did that and nationalized stuff left and right, and they basically have a failed state.

      The US is thriving, with the stock market at record highs, and the economy hotter than ever. Lets not plunge ourselves into another 2008. Libertarian values are at the helm right now, and the country is experiencing prosperity unthinkable just a few years back.

      Oh, and most of these people drive better cars than you do.

    9. Re:Why not let the actual users decide how long? by shanen · · Score: 1

      I absolutely agree with you, but we could both be wrong about how many old machines are out there and how many people might be willing to pony up 10 bucks to keep using an old machine. The essence of my suggestion is that there should be a mechanism to let them be visible, but in a sense of giving them meaningful freedom to choose whether to keep supporting their old distro, switching to and supporting a competing distro, or even "investing" (on a charitable basis) in creating a new distro.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    10. Re:Why not let the actual users decide how long? by ctilsie242 · · Score: 1

      Sometimes I wonder if Microsoft, or Google would be an ideal suitor for Canonical. Since Ubuntu is one of the defaults in both WSL, and Hyper-V, it would be ideal.

      I do have my reservations about IBM and RedHat. On one side, I know IBM wants some revenue after buying RH, as they didn't buy it for altruism. However, for a big company, it is a good match, since IBM has been selling RedHat on a lot of their POWER and zSeries line for a while.

    11. Re:Why not let the actual users decide how long? by Kjella · · Score: 1

      My take is that we need different economic models. For example, I think we should have a pro-freedom anti-greedom taxation system as part of the general solution to the monopoly problem. The tax rate on corporate profits should be progressive, but not in absolute terms, but rather based on market share.

      This is one of those ideas that sound plausible on paper but when you look at it in practice it will bring registration and gerrymandering hell to everyone as politicians, lobbyists and corporations manipulate what is "the same" market. Like for example if you produce salmon are you in the salmon market, the fish market or the food market? Luxury brands like Rolex will be taxed almost nothing as they're a tiny segment of the watch market. Every professional eBay seller would have to register every product by a constantly changing definition of market.

      And if you could reduce taxes by splitting a corporate entity you'd see lots of shell companies selling a single product or service, maybe even down to the particular instance like here's the Intel i9-9900k by Intel i9-9900k Inc. a wholly owned subsidiary of Intel or joint ventures with 0.01% to the other company if you start making rules about that. And either you make this based on past market share which favor the "new" companies who had 0% or you're creating a system where you don't know your tax rate and thus the profit margin until the bill is due.

      I'm pretty sure I have at least a dozen more crazy ideas, but time's up for now, so I bid you ADSAuPR, atAJG.

      Well, at least you know they're crazy...

      --
      Live today, because you never know what tomorrow brings
    12. Re:Why not let the actual users decide how long? by Kjella · · Score: 1

      While I agree in theory with you; I think in practice anything greater than 10 years is not practical. Providing support has a definite price to pay in terms of resources and providing for a decade is an extremely long time. Just think back to what the computing landscape by going back every 10 years ago will make this obvious.

      What's obvious?
      * AMD and Intel had x86-64 already (2000/2004)
      * Double data rate type three SDRAM (DDR3 SDRAM) has been in use since 2007
      * PCI-SIG announced the availability of the PCI Express Base 2.0 specification on 15 January 2007
      * Since 2004, AGP has been progressively phased out; by mid-2008 only a few models remained
      * The USB 3.0 specification was released on 12 November 2008
      * SATA's market share in the desktop PC market was 99% in 2008
      * 802.11-2007 rolled up all the 802.11a/b/g amendments (1997-2003) into one WiFi standard
      * Production of consumer HDMI products started in late 2003
      * DisplayPort 1.0 was approved by VESA on 3 May 2006
      * 1000BASE-T was standardized in 1999

      Yes, it would have been easier to only support PCIe 3.0 (2010) and to include NVMe support (2011) or 801.11n (2009) or 801.11ac (2013) or Thunderbolt (2011) but on a technical level I don't feel a 2008 PC using all the latest standards is weird. There's no COM or LPT ports, no ISA/EISA/MCA/AGP cards, game ports, token ring and so on. I guess you could find the oddball Firewire port and the venerable VGA connector is still around in 2018, but on the whole it's quite "modern" in terms of standards. I guess you wouldn't find any with actual USB 3.0 ports as the standard was just out, but USB 2.0 is still universally supported anyway.

      I guess you could always run into hardware specific chipset bugs and backporting modern APIs could be a hassle, but my impression is that if you just want support so your line of business software that's essentially unchanged since the green screen days works and runs on a supported platform with security patches it's not a huge effort. It's not a huge market, but I think that it's there. At least from work I know we killed one solution because Windows 2003 ran out of support and triggered costly upgrades to the whole stack, it was kinda replaced but if there'd been a low-cost option to keep the lights on we'd have taken it.

      --
      Live today, because you never know what tomorrow brings
    13. Re:Why not let the actual users decide how long? by Tim12s · · Score: 1

      This is about corporate. I have upward of 2000+ servers and $1.5billion in spend. All i need is one vendor/partner to cry foul and say that their platform depends on unsupported technology that is subject to a zero day flaw resulting in me having to spend stupid cash for one vendor not having an upgrade strategy. Awesome from Ubuntu.

      Whats important to recognize is that they understand their needs of their fellow sysadmins and teams and they are willing to commit engineers and r&d to support. They should be rewarded for this.

    14. Re:Why not let the actual users decide how long? by Ol+Olsoc · · Score: 1

      Sometimes I wonder if Microsoft, or Google would be an ideal suitor for Canonical.

      Sometimes I wonder if Jerry Sandusky would be an ideal babysitter for my 10 year old son.

      Jeezuz man, of all the really bad ideas, your's ranks pretty highly.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    15. Re:Why not let the actual users decide how long? by shanen · · Score: 1

      There are responses to your comments. You actually raise some valid points. Not new points. Not points that I have not already considered in some detail. Not points that cannot be addressed. But still valid. They merit response.

      However your offensive attitude says it would be a waste of time to make the attempt. Congratulations on being an archetype and poster child for closed minds. I wouldn't want you to hurt yourself by thinking too hard.

      It's sort of interesting to watch how the Internet in general and Slashdot in particular have devolved over the years. Not any of the happy or positive senses of "interesting".

      While I am sorry that I see no other reasonable interpretation for your "position", no apology seems likely from your side. I guess this "discussion" must therefore be regarded as terminated.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    16. Re:Why not let the actual users decide how long? by shanen · · Score: 1

      You should be clear that the "I" in your comment is not you, but rather some hypothetical CTO at a giant company. However I'm afraid that you comment mostly reveals that you don't even know how Canonical is structured now.

      It would probably help to clarify things if you would summarize your history with Linux in general and Ubuntu in particular. I can't really remember for sure, but I think I've been using Ubuntu since the 3rd or 4th release. There was one with a double-D name, but I can't remember if that was the first install or the upgrade.

      However I had reservations about the business model even then. Shuttleworth is rich and can afford to pour a lot of money into his hobby. Now you have me wondering if the real story is that he isn't so rich anymore, which is the other big problem with big-donor charities. Not only can the donor make bad decisions, but his pockets may not be deep enough.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  2. Can they also adjust the licence... by YuppieScum · · Score: 4, Insightful

    ...so that any IoT device makers that use it are required to provide updates to their devices for the same period?

    --
    This sig left unintentionally blank.
    1. Re:Can they also adjust the licence... by thegarbz · · Score: 1

      Why it won't improve security.

      Angry user mob: The device you produced was discovered to have a backdoor! You need to update the firmware!
      Dodgy manufacturer: We have issued a security update, see changelog.

      Change Log:
      Backdoor password changed.

    2. Re:Can they also adjust the licence... by AmiMoJo · · Score: 1

      Updates are not a solution to the IoT problem. There is just no way we will ever get manufacturers to support devices for 10+ years, and even if we somehow did they would just go bust or lose their update signing keys anyway.

      The fix is security in depth. Build a well secured OS with only the absolute minimum required for the application, to minimize the attack surface. Don't allow connections in or out except via a VPN back to the company server, or locally. No UPnP etc. Set up a sandbox for the application to run in, with things like enforced bandwidth limits and automatic shut-down if problems are detected.

      Make it available for free. That's basically what Android Things is, but a fully free Linux/BSD distro would be nice too.

      Then set up certification to make sure that the manufacturer hasn't done something stupid.

      Far from perfect but also far better than what we have now.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Better than for Windows now by Lonewolf666 · · Score: 3, Interesting

    At first glance, Canonical is only matching the 10 years Microsoft used to promise for Windows, counting extended support. But if you look closer, Microsoft already is weaseling out of some edge cases (the latest Intel CPUs and AMD's Ryzen on Win7).

    So I'd bet on Ubuntu 18.04 being a safer option than Windows 10 for a system you want to keep for a long time. Let alone that Ubuntu 18:04 was released almost three years after Windows 10. So even if both companies keep their 10 year promises, Ubuntu 18:04 is the better long term option from today's perspective :)

    --
    C - the footgun of programming languages
  4. Good by gweihir · · Score: 5, Insightful

    While I do not use Ubuntu (I use Debian sans systemd-crap), this is good news, as it sets standards for everybody else.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Thanks, Canonical! :-) by Rick+Schumann · · Score: 1

    Happy to see I put my money on the right horse this time around. Running 18.04LTS right now. :-)

    1. Re:Thanks, Canonical! :-) by shanen · · Score: 1

      May I ask whether you put any actual money on the horse? I think you're just speaking metaphorically.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  6. Unsupported devices need to fall back gracefully by shanen · · Score: 2

    Is that your best idea for a constructive solution? Seems really thin, but maybe you want to flesh it out? However you provoked me into solidifying one of my additional suggestions a bit.

    Devices or software that need security support should have a fail-safe mechanism. Such a device should know how to check whether or not it is still supported for its security updates, and when it cannot confirm the positive status, then it should be designed to fall back to an unsupported status with whatever limitations its security threats require. In the worst case for a potentially dangerous device, the device would ultimately fall back to the single-function state of only being able to check to see if its support has become available again. When it finally gets a green light, then it can update itself and go back to work.

    People who want to use those devices would have to decide what they want to do. They might chip in together to pay for the support. Or maybe one of them is rich and desperate for the device and will pay for all the support required? The users of the device in question also have the option to switch to other devices or look for alternative solutions for whatever problems the device helped solve.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  7. Just guessing, but by AlanObject · · Score: 1

    This must be a systemd thing.

  8. Re:Free or paid? by Lonewolf666 · · Score: 1

    If Canonical keeps their release cycle of an LTS version every two years, it might be a lesser PITA than the forced updates on Windows10.

    You could take every second LTS version, 4 years apart, and probably have less troubles than with Windoze. Right now, there is a Win10 company laptop behind me that has mysteriously "lost" WLAN a while ago. It also says in Settings => Windows Updates that it cannot search for updates because it is not connected to the internet. Actually it is on Ethernet right now and I'm downloading a set of offline updates on it.
    Our company admin told me that shit like this sometimes happens with Win10 updates, it "forgets" about some hardware which then becomes unavailable.

    --
    C - the footgun of programming languages
  9. corporate chirping by sdinfoserv · · Score: 1

    "don't be evil" - google
    "we don't share your data" - Face book
    "don't be silly on bear stearns" - Jim Cramer, Mad Money
    " We can't be sued for lying to shareholders because it was obvious we were lying" - Wells Fargo CEO
    "you can't possibly use all that 10Mb hard drive" - someone said about the 10Mb PC hard drive

    "we'll support it 10 years!" - Ubuntu....

    The real question, "how big a sucker are you?"

    1. Re:corporate chirping by KiloByte · · Score: 1

      But will linux on Windows 10 support systemd?

      No.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:corporate chirping by F.Ultra · · Score: 1

      Perhaps in some far distant future but at the moment the init in WSL is a MS propitiatory one that you cannot switch out.

  10. Re:Unsupported devices need to fall back gracefull by YuppieScum · · Score: 1

    Is that your best idea for a constructive solution?

    Nope - my best idea for any IoT devices that require connection to a vendor server is to hit them repeatedly with a hammer.

    The same approach should be used on the vendor.

    OK, so perhaps not "constructive" in the literal sense, but still...

    --
    This sig left unintentionally blank.
  11. Market it to people on Windows 7 by xack · · Score: 3, Interesting

    As an alternative to he madness of Windows as a Servce. Improve virtualization/Wine and give people an exit fom reboot hell.

    1. Re:Market it to people on Windows 7 by KiloByte · · Score: 2

      Alas, GNOME. It's not reasonable to expect Windows users to learn a completely different interface type, especially if there's no direct benefit from doing so. Such users also don't yet know they can switch the user interface.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:Market it to people on Windows 7 by phantomfive · · Score: 3, Insightful

      10 years ago I would agree with you, but now with smartphones and "Agile" development processes, users are used to changing interfaces. The interfaces change frequently, and often for no reason. You either have to adapt, or not use your device.

      Not only that, Windows recently insisted their users all learn a completely different interface type.

      --
      "First they came for the slanderers and i said nothing."
    3. Re:Market it to people on Windows 7 by KiloByte · · Score: 1

      Windows recently insisted their users all learn a completely different interface type.

      And backpedaled so fast it was halfway neutered by the next point release, and almost back to normal by the next major version?

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  12. Exciting as a grandma OS by Anonymous Coward · · Score: 1

    This is cool because it means I can put 18.04 on a friend or family member's computer and just not worry about upgrades. I can say it's good for the realistic life of the computer. Where a 5 year OS was probably not going to outlast a desktop computer, especially for a non-technical person who doesn't get excited about upgrading their system.

  13. Re:Poor Canonical engineers by thegarbz · · Score: 3, Informative

    You realise one of the key reasons for adopting systemd was that distribution maintainers have LESS work to do right? Not having to manage a shitload of nasty scripts was one of its great selling points to the maintainers.

    Plus within the next 5 years systemd will have included the entire userland including a web browser and an office suite and will all be delivered via a single package that auto-updates regardless of whether you've set your system to do so or not. The engineers will only have a single package they need to test and everyone will be happy as pie.

    Oh and systemd-mail will include adverts unless you subscribe to systemd-cloudoffice.

  14. Re: Free or paid? by Anonymous Coward · · Score: 2, Interesting

    This.

    You used to be able to buy extended access to repo for $250. Then they stopped responding and blocked me from the repo. This is AFTER they had promised the service would be available to buy for 4 years at least.

    After continuously trying to contact them I found out they now have a minimum spend, and if you are below it they don't want to know about you. and don't even bother responding to you. There sales team is on a commission where only the new volume deal count for anything.

    Ubuntu eventually updated there website to reflect this, but like 8 months after they just snubbed everyone.

    So if you had a small number of servers you had literally zero notice, just one day you are not gets any security patches and you have no option but to upgrade instantly. Now what you thought you had years to do you must do on a Sunday before your get hacked by latest CVE, or pull yourself off the internet.

    Mean while red hat will happily sell you 1 server for $349 per year and give your years of notice before they pull the plug on anything.

    Even if you are happy to pay for 5 years extra, I wouldn't trust them to even deliver on it.

  15. Re:Free or paid? by Lonewolf666 · · Score: 1

    Only in this case a reboot does not help.

    --
    C - the footgun of programming languages
  16. Re:Unsupported devices need to fall back gracefull by KiloByte · · Score: 2

    Nope - my best idea for any IoT devices that require connection to a vendor server is to hit them repeatedly with a hammer.

    What about this: any IoT device should refuse to contact the wide Internet unless it can periodically contact an user-configurable update server?

    This would handle all major use cases: 1. no network, 2. local network only, 3. Internet at large; provide a reasonable default for the uneducated crowd while giving control to those who want it, and provide a configurable compromise between privacy and updates.

    Ubuntu uses apt, and there's a large selection of tools to set up your own mirrors, caches or own repositories. I for one prefer apt-cacher-ng and reprepro for my home usage, but there's more than ten tools in either category I can name out of the top of my head.

    OK, so perhaps not "constructive" in the literal sense, but still...

    Technically "deconstructive", but whacking misbehaving vendors with a hammer just can't go wrong.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  17. Re:Poor Canonical engineers by KiloByte · · Score: 2

    You realise one of the key reasons for adopting systemd was that distribution maintainers have LESS work to do right?

    That's the only upside of systemd I know of: it reduces the work of maintainers if they ship upstream integration as-is. But if the maintainers try to improve it, it all falls apart (case in point: Debian systemd maintainers still didn't manage to split the package to put the kitchen sink, bicycle and fish bowl (aka different components of systemd) apart. As for benefits for the user... nope. But alas, when distribution maintainers and users disagree, the former prevail.

    Not having to manage a shitload of nasty scripts was one of its great selling points to the maintainers.

    Right. A typical init script is one line (using #!/lib/init/init-d-script), systemd usually requires you to edit 3-5 files.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  18. Home of the once-a-year 24 hour fiasco by Anonymous Coward · · Score: 2, Interesting

    Just a few days ago I was loading Python packages on my 10 old (but fairly fast due to a SSD) desktop for a development project. I accepted an upgrade message suggesting I move from Ubuntu 18.04 to 18.04.1. The computer has old built in graphics and the upgrade dragged in a package called ubuntu-desktop that dragged in something that completely broke my graphical desktop. It turned out the computer was running Linux just fine and I could ssh into it and get a shell prompt. All I needed at that time was information about how to roll the suite of desktop packages back to what I had previously.

    I have been running Linux for at least 20 years and my observation is about once a year Ubuntu gets broken due to some simple little change that sometimes can't even be tested for. What is missing is documentation and support organized in a usable manner. The AskUbuntu system is not a success. The documentation does not explain simple stuff like rolling back a bad software package. Most Linux computer screwups are easily repairable and the so-called fresh install is a big mistake.

      So on the ten year support proposal, my comment is the support staff should improve the troubleshooting and testing process. I have at least eight years of a filesystem that has not been trashed, but I have wasted between 2 days and 3 weeks every year due to both un-detectable hardware problems (like a USB chip coming un-soldered) and the Ubuntu install program that maroons your old /home in some dog gone un-mounted partition.

  19. Re:Unsupported devices need to fall back gracefull by shanen · · Score: 1

    Mostly just noting that I think we are basically in agreement, though you also seem to be feeding or supporting YuppieScum in some way. I can only see his latest contribution as justified if it's a bid for "Funny" mods, but if so, it's a rather low bid.

    Your [KiloByte's] contribution is one implementation approach. My perspective is sort of higher level. Basically I'm trying the say that any device (but especially Internet-connected devices) should not do dangerous things. In the case of a device that needs software updates to be safe, it should check for the updates first BEFORE doing the potentially dangerous things, and the design of the device should include considering what to do when the device or its environment becomes unsafe. Doing nothing is usually relatively safe (but I think there are cases when the safest behavior will be different from nothing (but also different from full functioning)).

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  20. Ubuntu used to be such a great distro by walterbyrd · · Score: 1

    And every release just got better.

    Sad.

    1. Re:Ubuntu used to be such a great distro by fabriciom · · Score: 1

      Agreed. Doing a do-release-upgrade is the easiest way to fuck everything up.

    2. Re:Ubuntu used to be such a great distro by johnsie · · Score: 1

      Mate is the best Ubuntu, but I prefer the menu that gnome 2 had.

  21. Re:I remember 12.04... by F.Ultra · · Score: 1

    So you don't know what LTS stand for?

  22. I welcome this news but.. by AnthonywC · · Score: 2

    As an (one of the few?) Ubuntu LTS user; I welcome this. I am on 16.04 and had to look up that support ends at 2021; which by then I am fine with upgrading to another LTS version (next-next LTS of 20.04 would be out by then). So I think while 10 years support sounds good; in practice the current 5 years cycle is more practical and quite adequate.

    1. Re:I welcome this news but.. by tlhIngan · · Score: 1

      The real reason I suspect is embedded - there are still times we use Ubuntu 14.04 because we have to support customers using old Android versions. You can use Ubuntu 16.04 to build Android 7, 9 and 9 projects, but older projects require older Ubuntu versions to build.

      We only started provisioning Linux machines with 16.04 this year because we couldn't find machines that run 14.04 without patching, but also because for the most part, most projects are using Android 7 and we've got Android 8 BSPs so most new employees can live with the limitation.

  23. Re:Unsupported devices need to fall back gracefull by ctilsie242 · · Score: 2

    That is an interesting idea. There are a lot of advantages of this. Especially if the device would know that it would be updated to a certain time/date, then from there, it is on its own.

    I do see a few faults, knowing IoT vendors, and their callous attitude:

    This can be used as a denial of service attack, if an device is isolated from the mother ship somehow, goes into fail-secure mode, and loses functionality. Or, it is used to ensure devices have an always-on Internet connection for slurping telemetry 24/7 for something else to sell.

    This would force customers to have to buy new IoT devices. Instead of being able to run unsecured, the devices would pretty much shut down and be useless. There are a lot of IoT companies who would loved guaranteed, timed obsolesce, forcing people to buy new devices every few years, or even every few months.

    IoT makers would use this "functionality" to start to charge for updates, just so people would have to pay them in order to use their own devices.

    I like the idea of going into a "fail secure" mode, but I just fear the abuse, especially by so many companies who just do not care about security whatsoever.

  24. Re:Unsupported devices need to fall back gracefull by shanen · · Score: 1

    I partly agree with you, but my main disagreement would be about the DoS attacks. There has to be a motivation for a sustained DoS attack, and just shutting down someone else's systems has limited benefit. If the goal is simply to deny service, then there are lots of ways to do it, and I don't that forcing devices into their safe modes is likely to be especially effective or damaging (as long as the devices also recover gracefully when communications are restored). In any case, the source of the DoS needs to be found, targeted, and taken off line.

    In terms of the IoT device makers, I think it should be addressed via a safety standard. Non-compliant devices would become much harder to sell. At the same time specifying how long the devices are guaranteed to be safe should be a positive sales feature. Actually, there are already a number of safety standards in place, and it's quite likely that I am simply unaware of the ones that are relevant to what I am advocating. It's been a couple of years since I pretty much got out of the business. (Not really my idea, but my age got up there, and if they really insist on kicking me out of the rat race, I can't pretend any enthusiasm for rejoining. I'm happy enough to be doing a bit of teaching and a lot of relaxing these years.)

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  25. Re:Poor Canonical engineers by thegarbz · · Score: 1

    (case in point: Debian systemd maintainers still didn't manage to split the package to put the kitchen sink, bicycle and fish bowl (aka different components of systemd) apart.

    Still didn't manage to implies they were actively trying. Do you have evidence to back up that statement?

    Right. A typical init script is one line (using #!/lib/init/init-d-script), systemd usually requires you to edit 3-5 files.

    Sorry but that is known horseshit. No major distro used that method, including Debian due to shitton of customisation used by each package. I remember this argument when systemd came out. The *average* init file used by Debian at the time was over 150 lines, though some of those were comments.

    Also if you're editing more than 1 file to create a systemd unit then you're doing something very wrong. Though that one file could be as short as 5 lines including specifying when and how to start and its dependencies. So maybe you just mistyped?

  26. Re:Poor Canonical engineers by Gavagai80 · · Score: 1

    SystemD is kind of like LSB. So many other packages have come to depend on SystemD because package maintainers love the fact that they can count on it providing the entire set of utilities and not some unpredictable selection chosen separately by each distro. If it were just an init system it wouldn't have gained so much traction, it's the way it gobbled up everything else that made it the easy lazy thing to require.

    --
    This space intentionally left blank
  27. Re:Unsupported devices need to fall back gracefull by ctilsie242 · · Score: 1

    What would be an ideal is a UL-like entity, but for IoT stuff. This entity would have standard security measurements, and would enforce security [1] updates for "x" amount of time, perhaps with some surety presented if a company fails to live up to their promises.

    [1] Security as in protection from remote attacks, not just jailbreak resistance, which often get confounded. In general, IoT makers love jailbreak resistance, but hate having to work on protection from remote attacks, since it means fewer features.

  28. Re:Unsupported devices need to fall back gracefull by shanen · · Score: 1

    I think UL is a testing organization? Let me see. Ah, yes. Underwriters Laboratories. Not a bad approach.

    However I think in the terms of this discussion you basically need a way for the device to run a checksum on it's own code and compare it with the checksum it gets from its home server. If they do not match and the device cannot update itself to make them match, then the device should only be able to do "safe" things. Arbitrary example, but if it was an IoT refrigerator, then it would fall back to normal "traditional refrigerator" functions.

    I'm using the IoT example because someone else brought it up, but I am actually thinking at a higher granularity than that. It should even apply to software features within larger systems, and that granularity should be related to the financial support. The original topic was about all of Ubuntu 18.04, but I think that's just too big and the problem needs to be divided and conquered all the way down to the level where individual donors could help decide which features live and die (or evolve or mutate or get replaced or ...).

    Perhaps it will help to extend my suggestion to the IoT refrigerator example? Your "smart" refrigerator might outlive its support. Let's assume that a smart feature requires an external server, but the funding for that server has expired. Even worse, the funding for the update server has also expired. In that situation, when you tried to use the feature, you would get an error message telling you what was wrong, and you would have the option to help pay for the feature if you want to use it. Most likely you would also be faced with a similar option for the update server. However you would not be expected to pay for the entire thing, but only asked to pledge $10 for a charity share, and your share wouldn't actually be committed until enough people have joined in.

    These numbers are just for this arbitrary and imaginary example, but... The feature server might be inexpensive, say $500/year, while the update server is probably going to be much more expensive (because of the programmer support required), say $20,000/year. You could see that the update server is almost funded and buy a share there to support that server for the next year. That translates as 2,000 donors, but if there are 50,000 refrigerators out there (perhaps including different models sharing the same update server), you only need a small percentage of participation to keep it running. It might be more difficult to find 49 more people who agree with you about using the more esoteric feature.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  29. Cannonical don't write the software by johnsie · · Score: 1

    They can hardly support stuff properly that they didn't even make.

  30. Re: Free or paid? by pnutjam · · Score: 2

    Suse too. They provide a solid 10 years of support.

    --
    Cheap storage VM.
  31. OpenStack self install by clenhart · · Score: 1

    For those of us who don't have $75,000 to install OpenStack, you can do it yourself, https://www.ubuntu.com/opensta...